Audible authentication

ABSTRACT

A method is disclosed. A digital assistant device receives a biometric sample from a user and then converts the biometric sample to a biometric template. The digital assistant device can scan for user devices in communication range of the digital assistant device, thereby receiving user device identifiers. The digital assistant device can transmit, to a server computer, an authentication request comprising the biometric template and at least one user device identifier. The digital assistant device can then receive a cryptogram request message comprising the at least one user device identifier, from the server computer. The digital assistant device can transmit, to a user device corresponding to the at least one user device identifier, the cryptogram request message and can then receive a cryptogram. The digital assistant device can then transmit the cryptogram to the server computer. The server computer verifies the cryptogram before further processing of a transaction.

BACKGROUND

Voice activated electronic devices are becoming more prevalent. Anindividual can speak a command to activate such a device. In response toa voice command, the device can perform various functions, such asturning an appliance on or off, searching a query on the Internet,performing a transaction, etc.

However, typical voice activated electronic devices only respond tocommands from one individual and not others. The device can determinethe command and perform the specified function. This is problematic whenmany individuals may attempt to use a shared device or the voiceactivated electronic device is a publicly used device. Shared digitalassistant devices can also introduce additional security risks whenperforming functions, such as performing a transaction.

Embodiments of the invention address this problem and other problemsindividually and collectively.

SUMMARY

Embodiments of the invention are related to methods and systems foraudible authentication.

One embodiment is related to a method comprising: receiving, by adigital assistant device, a biometric sample from a user; converting, bythe digital assistant device, the biometric sample to a biometrictemplate; scanning, by the digital assistant device, for user devices incommunication range of the digital assistant device, thereby receivinguser device identifiers; transmitting, by the digital assistant deviceto a server computer, an authentication request comprising the biometrictemplate and at least one user device identifier; receiving, by thedigital assistant device from the server computer, a cryptogram requestmessage comprising the at least one user device identifier;transmitting, by the digital assistant device to a user devicecorresponding to the at least one user device identifier, the cryptogramrequest message; receiving, by the digital assistant device from theuser device, a cryptogram; and transmitting, by the digital assistantdevice to the server computer, the cryptogram, wherein the servercomputer verifies the cryptogram before further processing of atransaction.

Another embodiment is related to a digital assistant device comprising:a processor; a memory device; and a computer-readable medium coupled tothe processor, the computer-readable medium comprising code executableby the processor for implementing a method comprising: receiving abiometric sample from a user; converting the biometric sample to abiometric template; scanning for user devices in communication range ofthe digital assistant device, thereby receiving user device identifiers;transmitting, to a server computer, an authentication request comprisingthe biometric template and at least one user device identifier;receiving, from the server computer, a cryptogram request messagecomprising the at least one user device identifier; transmitting, to auser device corresponding to the at least one user device identifier,the cryptogram request message; receiving, from the user device, acryptogram; and transmitting, to the server computer, the cryptogram,wherein the server computer verifies the cryptogram before furtherprocessing of a transaction.

One embodiment is related to a method comprising: receiving, by a servercomputer from a digital assistant device, an authentication requestmessage comprising a biometric template and at least one user deviceidentifier; comparing, by the server computer, the biometric template toa stored biometric concurrently with determining if the biometrictemplate corresponds to an account associated with the at least one userdevice identifier; transmitting, by the server computer, a cryptogramrequest message to the digital assistant device; receiving, by theserver computer, a cryptogram from the digital assistant device;determining, by the server computer, whether or not the cryptogrammatches an issued cryptogram previously provisioned to a user deviceassociated with the at least one user device identifier; and if thecryptogram matches the issued cryptogram, then further processing atransaction.

Another embodiment is related to a server computer comprising: aprocessor; a memory device; and a computer-readable medium coupled tothe processor, the computer-readable medium comprising code executableby the processor for implementing a method comprising: receiving, from adigital assistant device, an authentication request message comprising abiometric template and at least one user device identifier; comparingthe biometric template to a stored biometric concurrently withdetermining if the biometric template corresponds to an accountassociated with the at least one user device identifier; transmitting acryptogram request message to the digital assistant device; receiving acryptogram from the digital assistant device; determining whether or notthe cryptogram matches an issued cryptogram previously provisioned to auser device associated with the at least one user device identifier; andif the cryptogram matches the issued cryptogram, then further processinga transaction.

Further details regarding embodiments of the invention can be found inthe Detailed Description and the Figures.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a block diagram of a system illustrating an audibleauthentication system according to embodiments of the invention.

FIG. 2 shows a block diagram illustrating a digital assistant deviceaccording to embodiments of the invention.

FIG. 3 shows a block diagram illustrating a service provider computeraccording to embodiments of the invention.

FIG. 4 shows a block diagram illustrating a user device according toembodiments of the invention.

FIG. 5A shows a swim lane diagram illustrating authentication accordingto embodiments of the invention.

FIG. 5B shows a swim lane diagram illustrating authentication accordingto embodiments of the invention.

DETAILED DESCRIPTION

Prior to discussing embodiments of the invention, some terms can bedescribed in further detail.

The term “digital assistant” or “digital assistant device” can include adevice and/or software agent that can perform tasks and/or services. Insome embodiments, a digital assistant can include an informationprocessing system that can interpret natural language input in spokenand/or textual form to infer and/or determine user intent, and canperform actions based on the inferred user intent. For example, to acton an inferred user intent, the system can perform one or more of thefollowing: identifying a task flow with steps and parameters designed toaccomplish the inferred user intent, inputting specific requirementsfrom the inferred user intent into the task flow; executing the taskflow by invoking programs, methods, services, APIs (application programinterface), or the like; and generating output responses to the user inan audible (e.g., speech) and/or visual form.

A “user device” can include a device that is operated by a user.Examples of user devices may include a mobile phone, a smart phone, apersonal digital assistant (PDA), a laptop computer, a desktop computer,a server computer, a vehicle such as an automobile, a thin-clientdevice, a tablet PC, etc. Additionally, user devices may be any type ofwearable technology device, such as a watch, earpiece, glasses, etc. Theuser device may include one or more processors capable of processinguser input. The user device may also include one or more input sensorsfor receiving user input. As is known in the art, there are a variety ofinput sensors capable of detecting user input, such as accelerometers,cameras, microphones, etc. The user input obtained by the input sensorsmay be from a variety of data input types, including, but not limitedto, audio data, visual data, or biometric data. The user device maycomprise any electronic device that may be operated by a user, which mayalso provide remote communication capabilities to a network. Examples ofremote communication capabilities include using a mobile phone(wireless) network, wireless data network (e.g., 3G, 4G, or similarnetworks), Wi-Fi, Wi-Max, or any other communication medium that mayprovide access to a network such as the Internet or a private network.

A “user” may include an individual. In some embodiments, a user may beassociated with one or more personal accounts and/or mobile devices. Theuser may also be referred to as a cardholder, account holder, orconsumer in some embodiments.

An “interaction” may include a reciprocal action or influence. Aninteraction can include a communication, contact, or exchange betweenparties, devices, and/or entities. Example interactions include atransaction between two parties and a data exchange between two devices.In some embodiments, a transaction can be performed between a user and aresource provider. Interactions can also include agreements, contracts,and the like.

A “biometric” may be any human characteristic that is unique to anindividual. For example, a biometric may be a person's fingerprint,voice sample, face, DNA, retina, etc.

A “biometric reader” may include a device for capturing data from anindividual's biometric sample. Examples of biometric readers may includefingerprint readers, front-facing cameras, microphones, and irisscanners.

A “biometric sample” may include data obtained by a biometric reader.The data may be either an analog or digital representation of a user'sbiometric, generated prior to determining distinct features needed formatching. For example, a biometric sample of a user's face may be imagedata. In another example, a biometric sample of a user's voice may beaudio data.

A “biometric template” or “biometric sample template” may include a filecontaining distinct characteristics extracted from a biometric sample. Abiometric template may be used during a biometric authenticationprocess. For example, a biometric template may be a binary mathematicalfile representing the unique features of an individual's fingerprint,eye, hand or voice needed for performing accurate authentication of theindividual. In some embodiments, a biometric template can be evaluatedto determine a function to be performed.

“Speaker recognition” can include the identification of a user who isspeaking based on characteristics of their voice. Speaker recognitioncan use acoustic features of speech that have been found to differbetween individuals. These acoustic patterns reflect both anatomy (e.g.,size and shape of the throat and mouth) and learned behavioral patterns(e.g., voice pitch, speaking style).

“Speech recognition” can include the translation of spoken words intotext understandable by a computer system. Speech recognition combinedwith speaker recognition may simplify the task of translating speech insystems that are used to authenticate or verify the identity of aspeaker as part of a security process.

“Voice recognition” may be used to describe both “speaker recognition”and “speech recognition.”

A “match score,” as described herein, can be a relationship betweenreceived input data and stored data. In the context of the presentinvention, the received input data can be a captured voice template. Thestored data can be a previously captured and stored voice template. Thematch score may express the degree of confidence between the receivedinput data and the stored data. The match score may be passed to otherparts of a risk scoring mechanism, such that the match score contributesalong with other risk parameters to an overall decision, for example,approving or declining a transaction. Setting an appropriate thresholdto ensure an acceptable level of accuracy would be appreciated by one ofordinary skill in the art. This concept can be applied to otherbiometric data apart from voice samples (e.g., retinal scans, facialrecognition data, etc.).

A “cryptogram” may include a piece of obscured text such as encryptedtext. A cryptogram may be formed by encrypting input data with anencryption key such as a symmetric encryption key. In some embodiments,a cryptogram is reversible so that the inputs that are used to form thecryptogram can be obtained using the same symmetric key to perform adecryption process. In some embodiments, if input data is encryptedusing a private key of a public/private key pair, the cryptogram mayalso be a digital signature. A digital signature may be verified with apublic key of the public/private key pair. In some embodiments, acryptogram may include a dCVV (dynamic card verification value).

In embodiments of the invention, a cryptogram can be generated in anysuitable manner. In some embodiments, the input to the cryptogram caninclude data elements including an account identifier such as primaryaccount number, and a variable data element such as a counter, a time ofday, or interaction value. Such data may be included using an encryptionprocess such as DES (Data Encryption Standard), triple DES, or AES(Advanced Encryption Standard) using any suitable encryption keys. Theencryption keys may also be UDKs or unique derived keys, and may begenerated based upon device specific information such as an accountnumber, which may be encrypted using a master derivation key (MDK). Thecryptogram can be verified by another computer such a remote computer byeither decrypting the cryptogram to and verifying the decrypted contentswith other data (e.g., an account number stored on file), or byencrypting other inputs and then comparing the encrypted result to thecryptogram. Additional details regarding cryptogram formation andverification according to some embodiments can be found in U.S. PatentPublication No. 2013/0226802, which is incorporated by reference in itsentirety.

A “digital wallet” can include an electronic device that allows anindividual to conduct electronic commerce transactions. A digital walletmay store user profile information, account credentials, one or moredigital wallet identifiers and/or the like and can be used in a varietyof transactions, such as but not limited to eCommerce, social networks,money transfer/personal payments, mobile commerce, proximity payments,access transactions, and/or the like. A digital wallet may be designedto streamline the transaction process. A digital wallet may allow theuser to load one or more account identifiers onto the digital wallet soas to conduct a transaction without having to enter an accountidentifier or present a physical identification.

A “digital wallet provider” may include an entity, such as an issuingentity or third party service provider, that issues a digital wallet toa user. The digital wallet provider may enable the user to conducttransactions. A digital wallet provider may provide standaloneuser-facing software applications that store account numbers, orrepresentations of the account numbers (e.g., tokens), on behalf of anaccount holder (or other user) to facilitate transactions at more thanone unrelated transacting entity, perform person-to-person transactions,or load value into the digital wallet. A digital wallet provider mayenable a user to access its account via a personal computer, userdevice, access device, etc.

An “acquirer” may include a business entity (e.g., a commercial bank)that has a business relationship with a particular merchant or otherentity. Some entities can perform both issuer and acquirer functions.Some embodiments may encompass such single entity issuer-acquirers. Anacquirer may operate an acquirer computer, which can also be genericallyreferred to as a “transport computer”.

A “resource provider” may include an entity that can provide a resourcesuch as goods, services, information, and/or access. Examples ofresource providers includes merchants, data providers, transit agencies,governmental entities, venue and dwelling operators, etc.

A “merchant” may include an entity that engages in transactions. Amerchant can sell goods and/or services or provide access to goodsand/or services.

An “authorization request message” may include an electronic messagethat requests authorization for an interaction. In some embodiments, itis sent to a transaction processing computer and/or an issuer of apayment card to request authorization for a transaction. Anauthorization request message according to some embodiments may complywith International Organization for Standardization (ISO) 8583, which isa standard for systems that exchange electronic transaction informationassociated with a payment made by a user using a payment device orpayment account. The authorization request message may include an issueraccount identifier that may be associated with a payment device orpayment account. An authorization request message may also compriseadditional data elements corresponding to “identification information”including, by way of example only: a service code, a CVV (cardverification value), a dCVV (dynamic card verification value), a PAN(primary account number or “account number”), a payment token, a username, an expiration date, etc. An authorization request message may alsocomprise “transaction information,” such as any information associatedwith a current transaction, such as the transaction value, merchantidentifier, merchant location, acquirer bank identification number(BIN), card acceptor ID, information identifying items being purchased,etc., as well as any other information that may be utilized indetermining whether to identify and/or authorize a transaction.

An “authorization response message” may include a message that respondsto an authorization request. In some cases, it may be an electronicmessage reply to an authorization request message generated by anissuing financial institution or a transaction processing computer. Theauthorization response message may include, by way of example only, oneor more of the following status indicators: Approval—transaction wasapproved; Decline—transaction was not approved; or Call Center—responsepending more information, merchant must call the toll-free authorizationphone number. The authorization response message may also include anauthorization code, which may be a code that a credit card issuing bankreturns in response to an authorization request message in an electronicmessage (either directly or through the transaction processing computer)to the merchant's access device (e.g., point-of-sale (POS) equipment)that indicates approval of the transaction. The code may serve as proofof authorization.

An “authorizing entity” may include an entity that authorizes a request.Examples of an authorizing entity may be an issuer, a governmentalagency, a document repository, an access administrator, etc. Anauthorizing entity may operate an authorizing entity computer. An“issuer” may refer to a business entity (e.g., a bank) that issues andoptionally maintains an account for a user. An issuer may also issuepayment credentials stored on a user device, such as a cellulartelephone, smart card, tablet, or laptop to the consumer, or in someembodiments, a portable device.

A “server computer” may include a powerful computer or cluster ofcomputers. For example, the server computer can be a large mainframe, aminicomputer cluster, or a group of servers functioning as a unit. Inone example, the server computer may be a database server coupled to aWeb server. The server computer may comprise one or more computationalapparatuses and may use any of a variety of computing structures,arrangements, and compilations for servicing the requests from one ormore client computers.

A “credential” may include any suitable information that serves asreliable evidence of worth, ownership, identity, or authority. Acredential may be a string of numbers, letters, or any other suitablecharacters, as well as any object or document that can serve asconfirmation. Examples of credentials include value credentials,identification cards, certified documents, access cards, passcodes andother login information, etc.

“Payment credentials” may include any suitable information associatedwith an account (e.g. a payment account and/or payment device associatedwith the account). Such information may be directly related to theaccount or may be derived from information related to the account.Examples of payment credentials may include a PAN (primary accountnumber or “account number”), user name, expiration date, andverification values such as CVV, dCVV, CVV2 (card verification value 2),dCVV2 (dynamic card verification value 2), and CVC3 (card verificationcode 3) values.

A “service provider” may include an entity that can provide a serviceand/or application. An example of a service provider is a digital walletprovider. A service provider may operate a service provider computer.

A “token” may include a substitute identifier for some information. Forexample, a payment token may include an identifier for a payment accountthat is a substitute for an account identifier, such as a PAN. Forinstance, a token may include a series of alphanumeric characters thatmay be used as a substitute for an original account identifier. Forexample, a token “4900 0000 0000 0001” may be used in place of a PAN“4147 0900 0000 1234.” In some embodiments, a token may be “formatpreserving” and may have a numeric format that conforms to the accountidentifiers used in existing payment processing networks (e.g., ISO 8583financial transaction message format). In some embodiments, a token maybe used in place of a PAN to initiate, authorize, settle or resolve apayment transaction. The token may also be used to represent theoriginal credential in other systems where the original credential wouldtypically be provided. In some embodiments, a token value may begenerated such that the recovery of the original PAN or other accountidentifier from the token value may not be computationally derived.Further, in some embodiments, the token format may be configured toallow the entity receiving the token to identify it as a token andrecognize the entity that issued the token.

A “processor” may include a device that processes something. In someembodiments, a process can include any suitable data computation deviceor devices. A processor may comprise one or more microprocessors workingtogether to accomplish a desired function. The processor may include aCPU comprising at least one high-speed data processor adequate toexecute program components for executing user and/or system-generatedrequests. The CPU may be a microprocessor such as AMD's Athlon, Duronand/or Opteron; IBM and/or Motorola's PowerPC; IBM's and Sony's Cellprocessor; Intel's Celeron, Itanium, Pentium, Xeon, and/or XScale;and/or the like processor(s).

A “memory” may include any suitable device or devices that can storeelectronic data. A suitable memory may comprise a non-transitorycomputer readable medium that stores instructions that can be executedby a processor to implement a desired method. Examples of memories maycomprise one or more memory chips, disk drives, etc. Such memories mayoperate using any suitable electrical, optical, and/or magnetic mode ofoperation.

Details of some embodiments of the present invention will now bedescribed.

Embodiments of the invention can allow for a system capable of userregistration, user authentication, and interaction authorization. Duringuser registration, a user can open an application, such as a digitalwallet application, on a user device. The user can input user details,into the user device, such as a name, a phone number, an address,payment credentials, etc. The user can also capture and save a biometrictemplate using the user device. The biometric template can result from avoice biometric sample of a user's command, for example, “pay with XYZwallet.”

In some embodiments, the user device can transmit the user details andthe biometric template to a service provider computer (e.g., a cloudwallet, VCOP (Visa checkout's open platform), or other suitableplatform). In some embodiments, the user device can also transmit adevice identifier to the service provider. The service provider computercan store the user details and the biometric template. In someembodiments, the service provider computer can store a payment token forthe user's credentials, the voice phrase (i.e., the biometric template),a user device identifier and/or a generic attribute (GATT) profile,and/or a cryptogram that can be generated and pushed to the user device.

Embodiments of the invention also allow for a user to ask/command adigital assistant device to perform an interaction. For example, theuser can speak a command such as “pay for product W with XYZ wallet.”The digital assistant device can obtain a biometric sample from theuser's command (i.e., biometric) using a biometric reader such as amicrophone. The digital assistant device can then create a biometrictemplate from the biometric sample. Further, the digital assistantdevice can scan for proximate devices. For example, the digitalassistant device can scan for all Bluetooth low energy (BLE) enableddevices in proximity of the digital assistant device. The digitalassistant device can then transmit the biometric template along with alist of proximate device identifiers to the service provider computer.The service provider computer can look up the matching deviceidentifiers stored in a database of the service provider computer.

For a matched device identifier, the service provider computer cancompare the received biometric template to stored biometric template(s)associated with the matched device identifier. In some embodiments, theservice provider computer can also evaluate the received biometrictemplate to determine user intent, as described in further detailherein. The service provider computer can then indicate to the digitalassistant whether or not a device identifier and/or a biometric templatematch has been found. The digital assistant device can then notify theuser of whether or not the match was found. For example, the digitalassistant device can play a notification sound of other suitable audiooutput.

Embodiments of the invention can also allow for the service providercomputer to request a cryptogram from the user device. For example,after finding a match for the device identifier and the biometrictemplate, described herein, the service provider computer can request acryptogram from the user device via the digital assistant device. Thedigital assistant device can request and receive the cryptogram from thematched user device. The digital assistant device can forward thecryptogram to the service provider computer. The service providercomputer can then determine whether or not the received cryptogrammatches the cryptogram previously pushed to the user device. In someembodiments, the service provider computer can transmit a payment token,corresponding to the user of the user device, to an authorizationcomputer via an intermediary computer and/or a resource providercomputer. Once the interaction is authorized (e.g., by the authorizationcomputer), the digital assistant device can play another sound notifyingthat authorization has occurred.

FIG. 1 shows a block diagram of a system 100 comprising a number ofcomponents according to some embodiments of the invention. The system100 comprises a user device 102, a digital assistant device 104, aservice provider computer 106, an intermediary computer 108, a resourceprovider computer 110, a transport computer 112, a processing network114, and an authorization computer 116.

The user device 102 may be in operative communication with the digitalassistant device 104. For example, the user device 102 and the digitalassistant device 104 can be in Bluetooth or BLE communication. The userdevice 102 can also be in operative communication with the serviceprovider computer 106, for example, via Wi-Fi™.

The service provider computer 106 can be in operative communication withthe user device 102, the digital assistant device 104, and theintermediary computer 108. The intermediary computer 108 can be inoperative communication with the resource provider computer 110. In someembodiments, the intermediary computer 108 may be in operativecommunication with the transport computer 112. The transport computer112 can be in operative communication with the resource providercomputer 110 and the processing network 114, which may be in operativecommunication with the authorization computer 116.

Message between the entities, providers, networks, and devicesillustrated in FIG. 1 may be transmitted using a secure communicationsprotocols such as, but not limited to, File Transfer Protocol (FTP);HyperText Transfer Protocol (HTTP); Secure Hypertext Transfer Protocol(HTTPS), Secure Socket Layer (SSL), ISO (e.g., ISO 8583) and/or thelike. The communication network may include any suitable communicationmedium. The communication network may be one and/or the combination ofthe following: a direct interconnection; the Internet; a Local AreaNetwork (LAN); a Metropolitan Area Network (MAN); an Operating Missionsas Nodes on the Internet (OMNI); a secured custom connection; a WideArea Network (WAN); a wireless network (e.g., employing protocols suchas, but not limited to a Wireless Application Protocol (WAP), I-mode,and/or the like); and/or the like.

The user device 102 can be operated by a user. In some embodiments, theuser device 102 can include a digital wallet application. The userdevice 102 can be capable of receiving user input to allow the user toregister with the digital wallet and/or register with the serviceprovider computer 106. The user can input user details such as a name, aphone number, an address, payment credentials, and/or other suitableuser details, into the user device 102. The user device 102 may also becapable of capturing a biometric sample and creating biometric templatesfrom biometric samples. In some embodiments, the user device 102 mayencrypt a biometric template prior to transmitting the biometrictemplate to another device, such as a service provider computer 106. Theuser device 102 may also be associated with a device identifier. In someembodiments, the device identifier may be unique and may includealphanumeric characters. In other embodiments, the device identifier canbe a GATT profile.

The digital assistant device 104 may be located in proximity to theuser. In some embodiments, the digital assistant device 104 may belocated at a resource provider location. The digital assistant device104 can be capable of obtaining a biometric sample and creating abiometric template from the biometric sample. The digital assistantdevice 104 can be capable of analyzing a biometric sample and/orbiometric template to determine a course of action, such as a functionto be performed. In some embodiments, the digital assistant device 104can include a microphone, which may be any device that converts sound toan electric signal. The microphone may be used to capture voice datafrom a user.

The service provider computer 106 may be a server computer operated by aservice provider. The service provider may be an entity that provides anapplication to the user device 102 for use by the user. In someembodiments, the application provider can be a digital wallet providerthat provides a digital wallet or payment application to the user device102. The service provider computer 106 may maintain one or more digitalwallets for each user, and each digital wallet may be associated withpayment data for one or more payment accounts. Examples of digitalwallets may include Visa Checkout™, Google™ Wallet, etc.

The intermediary computer 108 may be a server computer. The intermediarycomputer 108 may act as an intermediary between the service providercomputer 106 and the resource provider computer 110. The intermediarycomputer 108 may route messages between the service provider computer106 and the resource provider computer 110. In some embodiments, theintermediary computer 108 may store user details and may facilitate userlogin to the service provider computer 106.

The resource provider computer 110 may be configured to receiveinteraction data, such as transaction data, from another device, such asa service provider computer 106 and/or the intermediary computer 108.The resource provider computer 110 may enable a resource provider suchas a merchant to engage in transactions, sell goods or services, orprovide access to goods or services to the user. The resource providercomputer 110 may accept multiple forms of payment and may use multipletools to conduct different types of transactions.

The transport computer 112 may be located between (in an operationalsense) the intermediary computer 108 and the processing network 114. Thetransport computer 112 may be operated by an entity such as an acquirer.An acquirer can maintain an account of any merchants (e.g., an airline,a department store, etc.) with which users may wish to interact.

The processing network 114 may route or switch messages between a numberof transport computers including the transport computer 112, and anumber of authorizing entity computers including the authorizationcomputer 116. The processing network 114 may be a processing networkcomputer in some embodiments. The processing network computer may beconfigured to provide authorization services, and clearing andsettlement services for payment transactions. A processing networkcomputer may include data processing subsystems, networks, andoperations used to support and deliver authorization services, exceptionfile services, and clearing and settlement services. An exemplarypayment processing network may include VisaNet™. Payment processingnetworks such as VisaNet™ are able to process credit card transactions,debit card transactions, and other types of commercial transactions.VisaNet™, in particular includes a Visa Integrated Payments (VIP) systemwhich processes authorization requests and a Base II system whichperforms clearing and settlement services. Furthermore, the paymentprocessing network may include a server computer and may use anysuitable wired or wireless telecommunications network, including theInternet. In some embodiments, the processing network computer mayforward an authorization request received from a transport computer tothe authorizing entity computer via a communication channel. Theprocessing network computer may further forward an authorizationresponse message received from the authorizing entity computer to thetransport computer.

The authorization computer 116 may be configured to authorize anysuitable request, including access to data, access to a location, orapproval for a payment. In some embodiments, the authorization computer116 may be operated by an account issuer. Typically, the issuer is anentity (e.g., a bank) that issues and maintains an account of a user.The account may be a credit, debit, prepaid, or any other type ofaccount.

FIG. 2 shows a block diagram of a digital assistant device 200 accordingto some embodiments of the invention. The exemplary digital assistantdevice 200 may comprise a processor 204. The processor 204 may becoupled to a memory 202, a network interface 206, a computer readablemedium 208, input elements 210, output elements 212, and a biometricreader 214. The computer readable medium 208 can comprise an encryptionmodule 208A, a proximate device detection module 208B, and a speechrecognition module 208C.

The memory 202 may be used to store data and code. The memory 202 may becoupled to the processor 204 internally or externally (e.g., cloud baseddata storage), and may comprise any combination of volatile and/ornon-volatile memory, such as RAM, DRAM, ROM, flash, or any othersuitable memory device.

The computer readable medium 208 may comprise code, executable by theprocessor 204, to implement a method comprising: receiving, by a digitalassistant device, a biometric sample from a user; converting, by thedigital assistant device, the biometric sample to a biometric template;scanning, by the digital assistant device, for user devices incommunication range of the digital assistant device, thereby receivinguser device identifiers; transmitting, by the digital assistant deviceto a server computer, an authentication request comprising the biometrictemplate and at least one user device identifier; receiving, by thedigital assistant device from the server computer, a cryptogram requestmessage comprising the at least one user device identifier;transmitting, by the digital assistant device to a user devicecorresponding to the at least one user device identifier, the cryptogramrequest message; receiving, by the digital assistant device from theuser device, a cryptogram; and transmitting, by the digital assistantdevice to the server computer, the cryptogram, wherein the servercomputer verifies the cryptogram before further processing of atransaction.

The encryption module 208A may include any program, software, or othercode suitable to perform operations related to encryption and/ordecryption. The encryption module 208A can be capable of encrypting anysuitable data. For example, the encryption module 208A can be capable ofencrypting biometric templates. The digital assistant device 200 cantransmit the encrypted biometric template(s) to a service providercomputer. In some embodiments, a biometric template can be encryptedusing a service provider computer public key. In other embodiments, abiometric template can be encrypted with a symmetric session key. It isunderstood that a biometric template can be encrypted in any suitablemanner such that the service provider computer can be capable ofdecrypting the encrypted biometric template.

The encryption module 208A can use any suitable encryption algorithm(s).For example, the encryption module 208A may implement and performencryption and/or decryption operations using encryption algorithms suchas DES, AES, TDES/TDEA, or the like, and/or hash functions such as SHA,or the like, using cryptographic keys of any suitable length (e.g.,56-bit, 128-bit, 169-bit, 192-bit, 256-bit, etc.).

The proximate device detection module 208B can be capable of determiningproximate devices. In some embodiments, the proximate device detectionmodule 208B can determine proximate devices that are in Bluetooth or BLEcommunication range. For example, user devices and/or any other suitableBLE equipped device can broadcast a device identifier periodically orcontinuously; the proximate device detection module 208B can be capableof determining each device identifier received via BLE. The digitalassistant device 200 can be capable of creating a list of deviceidentifiers received from the proximate devices.

The speech recognition module 208C can include any program, software, orother code suitable to perform operations related to speech recognition.The speech recognition module 208C can be capable of translating spokenwords into text understandable by a computer system. For example, thespeech recognition module 208C can be capable of translating a biometricvoice template and/or biometric into text. The speech recognition module208C can analyze the text to determine whether or not the text includesinstructions to perform a function. For example, the speech recognitionmodule 208C can determine a function to perform using natural languageprocessing. As known to one of skill in the art, the speech recognitionmodule 208C can use any suitable natural language processing evaluationsand tasks, such as, but not limited to, grammar induction, morphologicalsegmentation, part-of-speech tagging, parsing, sentence breaking, wordsegmentation, etc.

In some embodiments, the speech recognition module 208C can be capableof actively eliciting input from a user, interpreting user intent,disambiguating among competing interpretations, requesting and receivingclarifying information as needed, and/or performing (or initiating)actions based on the discerned intent. The speech recognition module208C can use any suitable natural language processing techniques. Forfurther details regarding natural language processing see [Nadkarni,Prakash M et al. “Natural language processing: an introduction” Journalof the American Medical Informatics Association: JAMIA vol. 18, 5(2011): 544-51], which is herein incorporated for all purposes in itsentirety. Additionally, for further details regarding recent trends indeep learning based natural language processing see [Tom Young et al.“Recent Trends in Deep Learning Based Natural Language Processing”arXiv, arXiv:1708.02709 (2017)], which is herein incorporated for allpurposes in its entirety.

The network interface 206 may include an interface that can allow thedigital assistant device 200 to communicate with external computers. Thenetwork interface 206 may enable the digital assistant device 200 tocommunicate data to and from another device (e.g., a service providercomputer, etc.). Some examples of the network interface 206 may includea modem, a physical network interface (such as an Ethernet card or otherNetwork Interface Card (NIC)), a virtual network interface, acommunications port, a Personal Computer Memory Card InternationalAssociation (PCMCIA) slot and card, or the like. The wireless protocolsenabled by the network interface 206 may include Wi-Fi™. Datatransferred via the network interface 206 may be in the form of signalswhich may be electrical, electromagnetic, optical, or any other signalcapable of being received by the external communications interface(collectively referred to as “electronic signals” or “electronicmessages”). These electronic messages that may comprise data orinstructions may be provided between the network interface 206 and otherdevices via a communications path or channel. As noted above, anysuitable communication path or channel may be used such as, forinstance, a wire or cable, fiber optics, a telephone line, a cellularlink, a radio frequency (RF) link, a WAN or LAN network, the Internet,or any other suitable medium.

The one or more input elements 210 may include any suitable device(s)capable of inputting data into the digital assistant device 200.Examples of input devices include buttons, touchscreens, touch pads,etc.

The one or more output elements 212 may comprise any suitable device(s)that may output data. Examples of output elements 212 may includedisplay screens, speakers, and data transmission devices.

The biometric reader 214 may include a device for capturing data from auser's biometric sample. Examples of biometric readers 214 may includefingerprint readers, front-facing cameras, microphones, and irisscanners. The biometric reader 214, such as a microphone, can beconfigured to capture one or more audio segments from a user. In someembodiments, the biometric reader 214 may capture voice data by the userto determine user intent.

FIG. 3 shows a block diagram of a service provider computer 300according to some embodiments of the invention. The exemplary serviceprovider computer 300 may comprise a processor 304. The processor 304may be coupled to a memory 302, a network interface 306, and a computerreadable medium 308 comprising a cryptogram verification module 308A, anencryption module 308B, a biometric comparison module 308C, and a speechrecognition module 308D. The service provider computer 300 may beoperatively coupled to a user database 310.

The memory 302 can be similar to the memory 202 described in FIG. 2, andwill not be repeated here. The network interface 306 can be similar tothe network interface 206 described in FIG. 2, and will not be repeatedhere.

The computer readable medium 308 may comprise code, executable by theprocessor 304, to implement a method comprising: receiving, by a servercomputer from a digital assistant device, an authentication requestmessage comprising a biometric template and at least one user deviceidentifier; comparing, by the server computer, the biometric template toa stored biometric concurrently with determining if the biometrictemplate corresponds to an account associated with the at least one userdevice identifier; transmitting, by the server computer, a cryptogramrequest message to the digital assistant device; receiving, by theserver computer, a cryptogram from the digital assistant device;determining, by the server computer, whether or not the cryptogrammatches an issued cryptogram previously provisioned to a user deviceassociated with the at least one user device identifier; and if thecryptogram matches the issued cryptogram, then further processing atransaction.

The cryptogram verification module 308A may include any program,software, or other code suitable to perform operations related toverifying a cryptogram. For example, the cryptogram verification module308A can compare a cryptogram received from a user device (i.e.,received cryptogram) to a cryptogram previously provisioned to the userdevice (i.e., stored cryptogram). The cryptogram verification module308A can determine whether or not the received cryptogram matches thestored cryptogram.

The encryption module 308B may include any program, software, or othercode suitable to perform operations related to encryption and/ordecryption. For example, the encryption module 308B can be capable ofdecrypting biometric templates. The digital assistant device 200 cantransmit the encrypted biometric template(s) to the service providercomputer 300. The encryption module 308B can be capable of decryptingthe encrypted biometric templates. In some embodiments, an encryptedbiometric template can be decrypted using a service provider computerprivate key. In other embodiments, an encrypted biometric template canbe decrypted with a symmetric session key. It is understood that anencrypted biometric template can be decrypted in any suitable mannersuch that the service provider computer 300 can be capable of decryptingthe encrypted biometric template that is encrypted by the serviceprovider computer 300. In some embodiments, the encryption module 308Bcan have similar capabilities to the encryption module 208A.

The biometric comparison module 308C may include any program, software,or other code suitable to perform operations related to biometriccomparisons. The biometric comparison module 308C is configured todetermine whether a received biometric template from a user matches apreviously registered biometric template from the user. For example, ifa user wishes to initiate a payment transaction, the biometriccomparison module 308C can compare the user's biometric template, forexample, a biometric voice template, to a stored biometric voicetemplate to authenticate the user. In some embodiments, the biometriccomparison module 308C can perform speaker recognition when the receivedbiometric template is a biometric voice template. In other embodiments,the biometric comparison module 308C can determine a match value whichmay indicate how closely the two compared biometric templates match.

The speech recognition module 308D can include any program, software, orother code suitable to perform operations related to speech recognition.The speech recognition module 308D can be capable of translating spokenwords into text understandable by a computer system. The speechrecognition module 308D may be similar to the speech recognition module208C.

The user database 310 may securely store data, such as user details,encrypted biometric templates, cryptograms, etc. as part of a userprofile. The user database 310 may be a conventional, fault tolerant,relational, scalable, secure database such as those commerciallyavailable from Oracle™ or Sybase™. The service provider computer 300 canbe configured to access the user database 310. For example, the serviceprovider computer 300 can query the user database 310 for user profilesassociated with devices identifiers in a list of device identifiers. Theservice provider computer 300 can retrieve the respective user profilesand information therein.

FIG. 4 shows a block diagram of user device 400 according to someembodiments of the invention. The exemplary user device 400 may comprisea processor 404. The processor 404 may be coupled to a memory 402, anetwork interface 406, a computer readable medium 408, input elements410, output elements 412, and a biometric reader 414. The computerreadable medium 408 can comprise a push handler module 408A and anencryption module 408B.

The memory 402 can be similar to the memory 302 and the memory 202 asdescribed in FIG. 3 and FIG. 2, respectively, and will not be repeatedhere. The memory 402 can be a secure memory such as an HSM (hardwaresecurity module), secure element, or other suitable secure memory. Thesecure memory can store a cryptogram securely.

The network interface 406 can be similar to the network interface 306and the network interface 206 as described in FIG. 3 and FIG. 2,respectively, and will not be repeated here. The one or more inputelements 410 can be similar to the one or more inputs elements 210, asdescribed in FIG. 2, and will not be repeated here. The one or moreoutput elements 412 can be similar to the one or more output elements212, as described in FIG. 2, and will not be repeated here. Thebiometric reader 414 can be similar to the biometric reader 214, asdescribed in FIG. 2, and will not be repeated here.

The computer readable medium 408 may comprise code, executable by theprocessor 404. The computer readable medium 408 may contain any numberof applications, modules, and code.

The push handler module 408A may include any program, software, or othercode suitable to perform operations related to receiving data and/orinformation pushed from a device, computer, server, etc. For example,the push handler module 408A can be capable of receiving data, such as acryptogram, from a server computer, such as a service provider computer.The push handler module 408A can receive a cryptogram at any suitabletime while in operative communication with the service provider computer(e.g., via the Internet). In some embodiments, the received cryptogramcan replace a previously received cryptogram, in this way, the userdevice 400 may store the latest cryptogram.

The encryption module 408B may include any program, software, or othercode suitable to perform operations related to encryption and/ordecryption. The encryption module 408B may be capable of encryptingand/or decrypting any suitable data.

In some embodiments, a user can manage card credentials in the cloudusing the user device 400. The user may also access the cloud wallet byway of interacting with a digital assistant device with their voice,given that their user device is in the proximity defined. In someembodiments, the user can also manage their biometric templates on theservice provider computer using the user device 400.

Interactions, such as transactions, can then be completed for goods andservices serviced by the digital assistant device with a limited usepayment credential to prevent replay issues. In some embodiments,one-time cryptogram can be issued for this type of authentication.

When the user interacts with a digital assistant device, the digitalassistant device can scan for available user devices that are inproximity of its BLE component. In some embodiments, the digitalassistant device may scan for user devices that include a digital walletapplication. In some embodiments, the discovery of digital wallet“usernames” can be paired with the user's password, which could beexclusively or a combination of the following: a user defined descriptorof the wallet “Masha's wallet” or the raw data produced by the humanvoice interacting with a microphone (resulting in e.g., a .wav file,.mp3, etc.) and/or a device GATT profile registered on the serviceprovider computer. In this way, the user's biometric template and/oruser device identifier can be used as a password to authenticate theuser when accessing the digital wallet.

This data can then be used to verify the appropriate digital wallet, andaccess the digital wallet synchronously after BLE has scanned for allavailable digital wallets. In addition to the user's information, oncethe user registers their payment credentials on the service providercomputer, an authentication service can dynamically generate acryptogram and push it to the user device. In some embodiments, duringpayment, a digital assistant device can request this information fromthe user device and then send it to the service provider computer forverification. After the service provider computer verifies thecryptogram, interaction authorization may be performed.

FIGS. 5A-5B shows a swim lane diagram illustrating an authenticationmethod according to embodiments of the invention. The method illustratedin FIGS. 5A-5B will be described in the context of a user asking adigital assistant device to purchase a product at a resource providerlocation. It is understood, however, that the invention can be appliedto other circumstances (e.g., a user asking a digital assistant deviceto perform an interaction such as a data transfer, a user operating adigital assistant device in various locations such as at the user'shouse, etc.). Although the steps are illustrated in a specific order, itis understood that embodiments of the invention may include methods thathave the steps in different orders. In addition, steps may be omitted oradded and may still be within embodiments of the invention.

At step 510, a user device 502 can receive user input for registrationincluding user details and a biometric template. The user details, alsoreferred to as registration details, can include a name, a phone number,an address, credentials, and/or other suitable user details. The userdevice 502 can also receive a biometric sample from the user via abiometric reader. The biometric reader can capture a biometric and canoutput the biometric template.

The user device 502 may create the biometric template using any suitablebiometric reader or input scanner. For example, the user may place theirfinger on a fingerprint scanner located on the user device 502. Thebiometric reader can obtain a biometric sample from the user (e.g., byscanning the user's fingerprint). Upon obtaining the biometric samplefrom the user, the user device 502 may create a biometric templateassociated with the user. The biometric template may be a digitalreference of distinct characteristics that have been extracted from thebiometric sample. For example, in the case where the biometric sample isa fingerprint, the biometric template may contain the minutiae (or majorfeatures) of the fingerprint.

In some embodiments, generating the biometric template can includeidentifying distinctive features of the measured biometric sample andthen representing the distinctive features in digital form. For example,a data file may be created from the capture of electromagnetic signalsgenerated by a biometric reader during sample reading, in which thesignals may be binned into discrete bits according to a pre-definedresolution (i.e. as expressed by the number of pixels in an image or bythe sample rate of an audio file). Software stored on the user device502 may then be used to identify features of the data file that can beused to accurately authenticate the user. For example, the user may beasked to present his or her biometric multiple times, and a mathematicalmodel may be used to determine features that consistently appear. Thefeatures may be represented as a binary digital file, which may form thebiometric template.

In some embodiments, generating the biometric template can be a two-stepprocess. First, a first data file may be created based on themeasurement. For example, this can be a complete image of a fingerprintor face, or a complete voice sample. Second, the first data file can beused to identify distinctive features of the biometric sample, andinformation about the distinctive features can be stored in a seconddata file. Embodiments of the invention allow either the first data file(e.g., a data file that represents the entire biometric sample) or thesecond data file (e.g., a data file that represents distinctive featuresof the biometric sample) to be used as the biometric template.

In some embodiments, the user device 502 can receive one or morebiometric samples corresponding to various phrases the user can state tolater perform an interaction. For example, the user may have two paymentaccounts; one corresponding to a credit card and a second correspondingto a debit card. The user can use the user device 502 to record voicesamples for each payment account that the user wants to enroll. The usercan speak a first voice sample of “pay with wallet XYZ, card ABC” and asecond voice sample of “pay with wallet XYZ, card DEF.” In this way, theservice provider computer 506 can later (e.g., at step 534) determinewhich account of one or more accounts the user wants to use. Eachbiometric template can be unique to each service provider computerand/or each payment credential, i.e., debit card, prepaid card, creditcard, etc. This property can be referred to as user defined textdependent speaker recognition. When the biometric templates are voicetemplates, the voice template can include not only information regardingthe identity of the user for authentication, but also informationregarding actions that the user wants to perform, such as “purchase itemHHH”.

After generating the biometric template, the user device 502 can encryptthe biometric template in any suitable manner described herein. Afterencrypting the biometric template, the user device 502 can transmit theuser details and the encrypted biometric template to the serviceprovider computer 506. In some embodiments, the user device 502 can alsotransmit a device identifier to the service provider computer 506. Insome embodiments, the device identifier can be a GATT profile.

At step 512, after receiving the user details and the encryptedbiometric template from the user device 502, the service providercomputer 506 can store the user details and the encrypted biometrictemplate. In some embodiments, the service provider computer 506 canalso store the credentials and/or a payment token. The service providercomputer 506 can transmit the user details to the intermediary computer508.

At step 514, after receiving the user details from the service providercomputer 506, the intermediary computer 508 can store the user details.The intermediary computer 508 can facilitate the user logging in to aservice provider application installed on the user device 502. Forexample, the intermediary computer 508 can store a username and anaddress of the user.

At step 516, at any suitable point after the service provider computer506 stores the user details (i.e., the user has been registered), theservice provider computer 506 can periodically generate a cryptogram,such as a dCVV. The service provider computer 506 can push thecryptogram to the user device 502. For example, the service providercomputer 506 can generate and push a cryptogram to the user device 502once per day. The service provider computer 506 can generate and pushthe cryptogram at any suitable rate, for example, every hour, once per12 hours, once per week, after each interaction, etc. The serviceprovider computer 506 can transmit the cryptogram to the user device 502over any suitable communication channel as described herein.

At step 518, after receiving the cryptogram from the service providercomputer 506, the user device 502 can store the cryptogram in a securememory. In some embodiments, the user device 502 may replace apreviously received cryptogram with the latest (i.e., most recentlyreceived) cryptogram.

At step 520, at any suitable point, the user can ask the digitalassistant device 504 to perform an interaction (i.e., the user can speaka command to the digital assistant device 504). For example, the usercan be at a resource provider location and can ask the digital assistantdevice 504 to “pay with XYZ wallet.” In some embodiments, the user canspecify a particular service provider computer, one or more productsand/or services, an amount, a user name, etc. in the user's command. Forexample, the user may state “purchase two blue shirts with XYZ wallet”or other suitable command.

In some embodiments, the user may be provided with a product numberand/or code (i.e., product data) that the user can state in theircommand to the digital assistant device 504. For example, a user mayattempt to purchase a shirt at a resource provider location. The shirtcan have a tag with a product number, for example, “4000.” The user canthen state “purchase item 4000 with XYZ wallet.” Later in the process,the product number and/or code can be determined by the service providercomputer 506 by evaluating the user's biometric template resulting fromthe user's voice command. In some embodiments, a resource providercomputer can receive an authorization request message along with theproduct number and/or code. The resource provider computer can addand/or edit the authorization request message to include an accuratetransaction amount associated with the product number and/or code.

The digital assistant device 504 can receive and capture the user'scommand. For example, the digital assistant device 504 can capture theuser's command using microphone. The microphone can create a biometricsample. In some embodiments, the user may speak an activation commandprior to speaking the command. The activation command may be anysuitable phrase, for example, “hello, digital assistant,” “ready tocheck out,” etc. Upon detecting the activation command, the digitalassistant device 504 can begin obtaining the user's biometric samplewith the biometric reader (e.g., recording the user's command). Afterreceiving the biometric sample, the digital assistant device 504 canconvert the received biometric sample to a biometric template, in anysuitable method described herein.

After creating the biometric template, the digital assistant device 504can evaluate the biometric template. For example, the digital assistantdevice 504 can perform speech recognition, which can include thetranslation of spoken words into text understandable by the digitalassistant device 504. For example, the digital assistant device 504 canconvert the received biometric template (i.e., user's voice command)into text. The digital assistant device 504 can recognize a commandcorresponding to the converted text. The digital assistant device 504can perform the command corresponding to the converted text, forexample, the command may be to perform an interaction such as atransaction. The biometric sample can be a command spoken by the userand the biometric template can be a biometric voice template.

In some embodiments, the digital assistant device 504 can include code,trained with speech recognition training data, capable of determininguser intent. Any suitable speech recognition model, method, and/oralgorithm can be used. For example, hidden Markov models (HMM), dynamictime warping (DTW)-based speech recognition, neural networks, etc. maybe used to evaluate the text.

In some embodiments, the digital assistant device 504 can respond to theuser's command by audibly playing a response to the user. For example, aresponse may be “I will place an order for product W using XYZ wallet,do you want to confirm?” However, it is understood, that the responsemay be in any suitable form as known by one of ordinary skill in theart.

In other embodiments, the digital assistant device 504 can audibly, orotherwise, prompt the user to provide additional details for the user'scommand. For example, the digital assistant device 504 may prompt theuser to repeat a portion of the command, or supplement the command withan amount, wallet, product, or other information if the user did notprovide the information in the first user command.

In yet other embodiments, the digital assistant device 504 can clean thebiometric template. For example, the digital assistant device 504 canalso capture ambient noise and may be capable of subtracting the ambientnoise from the biometric template.

In some embodiments, the digital assistant device 504 can determinewhich service provider computer 506 the user stated in the command. Forexample, in some embodiments, the digital assistant device 504 cancompare the text obtained from the biometric template and/or biometricsample to a list of possible service provider computers. In someembodiments, the user's command may be “purchase W using ABC card of XYZwallet.” The digital assistant device 504, after parsing the command,can determine the service provider computer 506 based on “XYZ wallet.”

At step 522, after creating the biometric template and determining thatthe user wants to perform an interaction, the digital assistant device504 can scan for proximate devices. For example, the digital assistantdevice 504 can determine devices in a certain range of the digitalassistant device 504. In some embodiments, the digital assistant device504 can scan for BLE devices in proximity. The digital assistant device504 can determine a device identifier for each proximate devicedetected. For example, the user may have their user device 502 inproximity to the digital assistant device 504. However, otherindividuals may have devices in proximity to the digital assistantdevice 504. The digital assistant device 504 can receive a deviceidentifier from each device in proximity and may not have additionalinformation to determine which device identifier corresponds to the userdevice 502.

The digital assistant device 504 can generate a list of deviceidentifiers of the proximate devices. The digital assistant device 504can then transmit the list of device identifiers to the service providercomputer 506. The list of device identifiers can be any suitable list.For example, the list of device identifiers may be a data itemcomprising data fields that can be filled, by the digital assistantdevice 504, with device identifiers received from the proximate devices.The digital assistant device 504 can also transmit the biometrictemplate to the service provider computer 506.

In some embodiments, the digital assistant device 504 can encrypt thebiometric template prior to transmitting the biometric template to theservice provider computer 506. For example, the digital assistant device504 can encrypt the biometric template with a service provider computerpublic key, where the service provider computer 506 can be capable ofdecrypting the encrypted biometric template, for example, using aservice provider computer private key.

At step 524, after receiving the list of device identifiers and thebiometric template from the digital assistant device 504, the serviceprovider computer 506 can perform voice recognition, including bothspeaker recognition as well as speech recognition. During speakerrecognition, the service provider computer 506 can compare the biometrictemplate received from the digital assistant device 504 (i.e., receivedbiometric template) to stored biometric template(s).

The service provider computer 506 can query a database (e.g., a userdatabase) for device identifiers that match the device identifiers inthe list of device identifiers. The service provider computer 506 canretrieve the user profiles corresponding to the device identifiers inthe list of device identifiers. For example, if the lists of deviceidentifiers includes 3 device identifiers, then the service providercomputer 506 can query the database for the 3 device identifiers and thecorresponding user profiles.

The service provider computer 506 can compare the received biometrictemplate to the stored biometric templates of the retrieved userprofiles. For example, the service provider computer 506 can compare thereceived biometric template to each of the 3 user profiles thatcorrespond to the 3 device identifiers of the list of identifiers. Inthis way, the service provider computer 506 may not need to compare thereceived biometric template to each and every stored biometric template.

As an example, the service provider computer 506 can compare the pitchof the receive biometric template to the pitch of the stored biometrictemplate. If the pitch of both templates are similar, within an errormargin, the service provider computer 506 can determine that thetemplates match. In some embodiments, the service provider computer 506can compare any suitable number of other characteristics of thetemplates for example, word matching, phrase matching, pattern analysis,and/or other spectrographic analyses.

In some embodiments, the service provider computer 506 can first decryptthe stored encrypted biometric templates prior to comparing the storedbiometric templates to the received biometric template.

If the service provider computer 506 determines that at least one deviceidentifier of the list of device identifiers and the received biometrictemplate correspond to the same user profile, the service providercomputer 506 can determine which user has initiated the command to thedigital assistant device 504, thus authenticating the user.

While matching the device identifier and the received biometrictemplate, the service provider computer 506 can perform speechrecognition on the received biometric template. The service providercomputer 506 can determine a function to perform based on the receivedbiometric template. For example, if the received biometric template is avoice sample stating “purchase X with wallet XYZ,” the service providercomputer 506 can determine that the user wants to purchase the item Xwith the wallet XYZ.

The service provider computer 506 can also determine transactioninformation from the received biometric template. For example, theservice provider computer 506 can evaluate the received biometrictemplate to determine a product and/or service that the user wants topurchase. In some embodiments, the user can state the products and/orservices they want to purchase in their command to the digital assistantdevice 504. For example, in some embodiments, the service providercomputer 506 can utilize simple pattern matching, pattern and featureanalysis, language modeling and statistical analysis, and/or artificialneural networks to determine which products the user wants to purchase.

At step 526, after determining whether or not the received biometrictemplate matches a stored biometric template, the service providercomputer 506 can transmit an authentication response to the digitalassistant device 504. The authentication response can indicate whetheror not there was a match. If the service provider computer 506determined that the received biometric template does not match a storedbiometric template, the process can proceed to step 528. If the serviceprovider computer 506 determined that the received biometric templatematches a stored biometric template, the process can proceed to step530.

At step 528, after receiving the authentication response from theservice provider computer 506, if the authentication response indicates“no match,” the digital assistant device 504 can indicate to the userthat the biometric template does not match a stored biometric template.For example, the digital assistant device 504 can play a noise and/orstate any suitable “no match” message, such as, for example, “your voicewas not recognized.”

At step 530, after receiving the authentication response from theservice provider computer 506, if the authentication response indicates“match,” the digital assistant device 504 can indicate to the user thatthe biometric template does match a stored biometric template. Forexample, the digital assistant device 504 can play a noise and/or stateany suitable “match” message such as, for example, “your request isbeing processed” or “your voice has been authenticated.”

Referring to FIG. 5B, at step 532, if the authentication responseindicates “match,” the authentication response may also include acryptogram request. In some embodiments, the service provider computer506 can include the device identifier of the user device 502 in thecryptogram request, which can allow the digital assistant device 504 todetermine which user device to transmit the cryptogram request to. Thedigital assistant device 504 can forward the cryptogram request to theappropriate user device 502.

At step 534, after receiving the cryptogram request from the digitalassistant device 504, the user device 502 can transmit the cryptogram tothe digital assistant device 504. At step 536, after receiving thecryptogram from the user device 502, the digital assistant device 504can forward the cryptogram to the service provider computer 506.

At step 538, after receiving the cryptogram, the service providercomputer 506 can verify the cryptogram. For example, the serviceprovider computer 506 can compare the cryptogram received from the userdevice 502 to the cryptogram previously transmitted to the user device502 (e.g., at step 516).

At step 540, the service provider computer 506 can determine whether ornot the cryptogram is verified. If the cryptogram is not verified, thenthe process can proceed to step 542. If the cryptogram is verified, thenthe process can proceed to step 544 and/or step 546 which, in someembodiments, may be performed concurrently.

At step 542, if the cryptogram is not verified, the service providercomputer 506 can transmit a verification notification to the digitalassistant device 504. The verification notification can indicate thatthe cryptogram is not verified. The digital assistant device 504 canindicate the user that the cryptogram is invalid. For example, thedigital assistant device 504 can play an audio file to the user. Theaudio file can be a noise or a statement, such as, “interaction failed,”“invalid cryptogram,” etc.

At step 544, if the cryptogram is verified, the service providercomputer 506 can transmit a verification notification to the digitalassistant device 504. The verification notification can indicate thatthe cryptogram is verified. The digital assistant device 504 canindicate that the cryptogram is valid to the user. For example, thedigital assistant device 504 can play an audio file to the user. Theaudio file can be a noise or a statement, such as, “valid user device,”“valid cryptogram,” etc.

After the service provider computer 506 determines that the cryptogramis valid, the service provider computer 506 can transmit credentials,associated with the user, to the intermediary computer 508. The serviceprovider computer 506 can indicate for the intermediary computer 508 togenerate an authorization request message for the interaction. Theservice provider computer 506 can also transmit interaction information,such as transaction information, determined from the biometric templateto the intermediary computer 508.

In other embodiments, the service provider computer 506 can beconfigured to authorize the interaction. For example, upon verifying thecryptogram, the service provider computer 506 can authorize thetransaction.

At step 546, after receiving the credentials and interaction informationfrom the service provider computer 506, the intermediary computer 508can generate an authorization request message. The authorization requestmessage can include credentials. In some embodiments, the authorizationrequest message can also include transaction information, such as anyinformation associated with the current transaction, such as thetransaction value, merchant identifier, merchant location, acquirer bankidentification number (BIN), card acceptor ID, information identifyingitems being purchased, etc., as well as any other information that maybe utilized in determining whether to authorize the transaction. Theintermediary computer 508 can transmit the authorization request messageto a resource provider computer (e.g., the resource provider computer110 in FIG. 1).

In some embodiments, the service provider computer 506 can generate andthen transmit the authorization request message to the resource providercomputer. The resource provider computer can be operated by a resourceprovider, which may be the same resource provider operating the digitalassistant device 504. Upon receiving the authorization request message,the resource provider computer may transmit the authorization requestmessage to a transport computer, as described in further detail herein.In some embodiments, the resource provider computer can receive anauthorization request message from the service provider computer 506including credentials. The resource provider computer can then includetransaction information into the authorization request message prior totransmitting the authorization request message to the transportcomputer.

At step 548, the intermediary computer 508 can receive an authorizationresponse message. For example, the intermediary computer 508 can receivethe authorization response message from an authorization computer, via aresource provider computer, a processing network, and/or a transportcomputer. The intermediary computer 508 can determine whether or not theinteraction was authorized based on the authorization response message.If the intermediary computer 508 determines that the interaction wasauthorized, then the process can proceed to step 554. If theintermediary computer 508 determines that the interaction was notauthorized, then the process can proceed to step 550.

At step 550, the intermediary computer 508 can forward the authorizationresponse message to the service provider computer 506. In someembodiments, after receiving the authorization response message, theservice provider computer 506 can forward the authorization responsemessage to the digital assistant device 504. In other embodiments, theservice provider computer 506 can determine that the authorizationresponse message indicates that the interaction was not authorized. Theservice provider computer 506 can transmit a notification to the digitalassistant device 504 notifying the digital assistant device 504 of thenon-authorized interaction.

At step 552, after receiving the notification and/or the authorizationresponse message that indicates that the interaction was not authorized,the digital assistant device 504 can alert the user to the outcome ofthe interaction. For example, the digital assistant device 504 can playa message stating that the interaction failed, for example, by stating“the interaction failed.” In some embodiments, the digital assistantdevice 504 can indicate a reason why the interaction failed, forexample, “account error,” “connection error,” “lack of funds,” and/orany other suitable reason as determined from the authorization responsemessage. In other embodiments, the digital assistant device 504 canindicate that the user's credentials were invalid. In some embodiments,the digital assistant device 504 can emit an sound that can indicate theuser that the interaction was not authorized.

In some embodiments, at step 554, after determining that the interactionwas authorized, at step 548, the intermediary computer 508 cansuccessfully complete the interaction. For example, if the interactionis a data transfer between the user device and receiving device, theintermediary computer 508 can facilitate the data transfer.

At step 556, the intermediary computer 508 can forward the authorizationresponse message to the service provider computer 506. In someembodiments, after receiving the authorization response message, theservice provider computer 506 can forward the authorization responsemessage to the digital assistant device 504. In other embodiment, theservice provider computer 506 can determine that the authorizationresponse message indicates that the interaction was authorized. Theservice provider computer 506 can transmit a notification to the digitalassistant device 504 notifying the digital assistant device 504 of theauthorized interaction.

At step 558, after receiving the notification and/or the authorizationresponse message that indicates that the interaction was authorized, thedigital assistant device 504 can alert the user to the outcome of theinteraction. For example, the digital assistant device 504 can play amessage stating that the interaction was authorized, for example, bystating “the interaction was authorized.” In other embodiments, thedigital assistant device 504 can indicate that the user's credentialswere valid. In some embodiments, the digital assistant device 504 canemit an sound that can indicate to the user that the interaction wasauthorized, thus completing the interaction.

As an example, the digital assistant device 504 may be located in afitting room in a department store. The user may be a customer thatspeaks a command to the digital assistant device 504 to purchase an itemwhile in the fitting room such as “purchase W with wallet XYZ.” Thedigital assistant device 504 can record the command (i.e., biometricsample) with a microphone or other suitable biometric reader. Thedigital assistant device 504 can then convert the biometric sample intoa biometric template as described herein. The digital assistant device504 can then scan for proximate devices. In this case, the proximatedevices can be user devices that are located in the fitting room. Thedigital assistant can create a list of the discovered proximate devicesand transmit the list of the discovered proximate devices along with thebiometric template (preferably encrypted) to a service provider computer506.

Upon receiving the list of proximate devices and the biometric template,the service provider computer 506 can query a database for registeredusers associated with any of the user device identifiers included in thelist of proximate devices. The service provider computer 506 can thendetermine whether or not the received biometric template matches astored biometric template associated with the user devices identifiersincluded in the list of proximate devices. In this way, the serviceprovider computer 506 can determine a stored biometric template thatmatches the received biometric template as well as is associated with auser device identifier that is associated with a user device currentlyin proximity to the user in the fitting room. The service providercomputer 506 can also evaluate the received biometric template todetermine user intent, such as purchase an item.

After matching the user device identifier and biometric template as wellas determining which function to perform based on the user's command,the service provider computer 506 can transmit a request for acryptogram to the user device 502 via the digital assistant device 504.At this point the process may end if the user has left the proximity ofthe digital assistant device 504. For example, the user may leave thefitting room before the user device 502 receives the request for thecryptogram. In this case, the user device 502 may not receive thecryptogram request and the process can be terminated.

The user device 502, upon receiving the request for the cryptogram, cantransmit the cryptogram to the digital assistant device 504, which maytransmit the cryptogram to the service provider computer 506. Theservice provider computer 506 can verify that the received cryptogrammatches a previously provisioned cryptogram. If the cryptograms match,then the service provider computer 506 can further process thetransaction for the products and/or services previously indicated by theuser.

As another example, in reference to FIG. 1, a user device 102 can beoperated by a user. In some embodiments, the user may be located at aresource provider location and may attempt to pay for a good and/orservice at the resource provider. The user may ask a digital assistantdevice 104 to pay for an item with a certain digital wallet and/or card.The digital assistant device 104 can communicate with a service providercomputer 106 as described herein.

After verifying a cryptogram received from the user device 102 (e.g., atstep 540), the service provider computer 106 can indicate, via amessage, to an intermediary computer 108 to generate an authorizationrequest message for the interaction. In other embodiments, the serviceprovider computer 106 may generate the authorization request message andmay transmit the authorization request message to a resource providercomputer 110 and/or the transport computer 112.

The resource provider computer 110 may then receive the authorizationrequest message from the service provider computer 106 or theintermediary computer 108. In some embodiments, the resource providercomputer 110 can examine the transaction information in theauthorization request message for accuracy. If necessary, the resourceprovider computer 110 can edit the transaction information to reflect acorrect amount, product data, etc. For example, the service providercomputer 106 may have determined a product that the user wants topurchase based on the biometric template. The service provider computer106 can include the name of the product as supplied by the user into thetransaction information. The resource provider computer 110 can beconfigured to edit and/or add accurate product data to the authorizationrequest message. For example, the resource provider computer 110 can addthe amount of the product to the authorization request message.

The resource provider computer 110 may then transmit the authorizationrequest message to the transport computer 112. The transport computer112 may then receive, process, and forward the authorization requestmessage to a processing network 114 for authorization.

In general, prior to the occurrence of a credit or debit-cardtransaction, the processing network 114 has an established protocol witheach authorization computer on how the issuer's transactions are to beauthorized. The processing network 114 may receive the authorizationrequest message, determine the issuer associated with the user device102, and forward the authorization request message for the transactionto the authorization computer 116 for verification and authorization.Once the transaction is authorized, the authorization computer 116 maygenerate an authorization response message (that may include anauthorization code indicating the transaction is approved or declined)and transmit this electronic message via its external communicationinterface to the processing network 114. The processing network 114 maythen forward the authorization response message to the transportcomputer 112, which in turn may then transmit the electronic message(e.g., the authorization response message) comprising the authorizationindication to the resource provider computer 110, and then, in someembodiments, to the digital assistant device 104.

At the end of the day or at some other suitable time interval, aclearing and settlement process between the resource provider computer110, the transport computer 112, the processing network 114, and theauthorization computer 116 may be performed on the transaction.

Embodiments of the invention have a number of advantages. For example,embodiments of the invention allow for an interaction, such as atransaction, to be performed with a digital assistant device. Thedigital assistant device can be an anonymous digital assistant device oran assistant with no context. Today, users are inherently logged in to adigital assistant device, however, embodiments of the invention allowfor the user to securely perform an interaction with a pubic/anonymousdigital assistant device, such as, a digital assistant device at aresource provider location, while preserving security of theinteraction.

Embodiments of the invention provide for additional advantages. Forexample, the user is authenticated in several ways. The user can beauthenticated by a user device identifier matching a stored deviceidentifier while in range of the digital assistant. The user can also beauthenticated by their biometric template matching a stored biometrictemplate. Further, the user can be authenticated by the service providercomputer by matching a cryptogram received from the user device to acryptogram previously provisioned to the user device. The user can beauthenticated in multiple ways while initiating the interaction.

Embodiments of the invention provide for additional advantages. Forexample, embodiments can prevent replay attacks, where a malicious partyattempts to record the user's voice command to use for later maliciousinteraction attempts. Embodiments of the invention prevent replayattacks through the use of the user device being in short rangecommunication (e.g., Bluetooth range, etc.) with the digital assistantdevice. The use of the user device in short range communication ensuresthat the user is actually present at and/or neat the digital assistantdevice, and also concurrently ensures that the user has the correctcredentials and is in possession of the authentic user device.

For example, a malicious party can record the user's voice command tothe digital assistant at a resource provider location. The user can becorrectly authentication by the voice command and the cryptogram, asdescribed herein. The malicious party can attempt to either play themalicious recording of the user's voice while the user is present orafter the user leaves. In the case that the malicious party plays themalicious recording when the user is present, then the user will be ableto hear the malicious recording and report the malicious activityaccordingly. In the second case, if the malicious party attempts to playthe malicious recording of the user's voice command to the digitalassistant device after the user leaves, the service provider computerwill not be able to authenticate a cryptogram from the user device,since the user has left the location, and thus communication range. Theattempted malicious interaction will be denied as no cryptogram can beverified when the user device is not in short range communication withthe digital assistant device, thus preventing replay attacks.

Any of the software components or functions described in thisapplication may be implemented as software code to be executed by aprocessor using any suitable computer language such as, for example,Java, C, C++, C#, Objective-C, Swift, or scripting language such as Perlor Python using, for example, conventional or object-orientedtechniques. The software code may be stored as a series of instructionsor commands on a computer readable medium for storage and/ortransmission, suitable media include random access memory (RAM), a readonly memory (ROM), a magnetic medium such as a hard-drive or a floppydisk, or an optical medium such as a compact disk (CD) or DVD (digitalversatile disk), flash memory, and the like. The computer readablemedium may be any combination of such storage or transmission devices.

Such programs may also be encoded and transmitted using carrier signalsadapted for transmission via wired, optical, and/or wireless networksconforming to a variety of protocols, including the Internet. As such, acomputer readable medium according to an embodiment of the presentinvention may be created using a data signal encoded with such programs.Computer readable media encoded with the program code may be packagedwith a compatible device or provided separately from other devices(e.g., via Internet download). Any such computer readable medium mayreside on or within a single computer product (e.g., a hard drive, a CD,or an entire computer system), and may be present on or within differentcomputer products within a system or network. A computer system mayinclude a monitor, printer, or other suitable display for providing anyof the results mentioned herein to a user.

The above description is illustrative and is not restrictive. Manyvariations of the invention will become apparent to those skilled in theart upon review of the disclosure. The scope of the invention should,therefore, be determined not with reference to the above description,but instead should be determined with reference to the pending claimsalong with their full scope or equivalents.

One or more features from any embodiment may be combined with one ormore features of any other embodiment without departing from the scopeof the invention.

As used herein, the use of “a,” “an,” or “the” is intended to mean “atleast one,” unless specifically indicated to the contrary.

What is claimed is:
 1. A method comprising: receiving, by a digitalassistant device, a biometric sample from a user, the biometric samplebeing a biometric voice template associated with a voice command;converting, by the digital assistant device, the biometric sample to abiometric template; determining, by the digital assistant device, a taskflow and parameters associated with the task flow based at least in parton a speech recognition algorithm that utilizes the biometric samplefrom the user, the task flow designed to accomplish an inferred intentfrom the biometric sample and executed by invoking programs, services,and application program interfaces (APIs) that corresponds to theinferred intent; scanning, by the digital assistant device, for userdevices in communication range of the digital assistant device, therebyreceiving user device identifiers, wherein scanning for the user devicesincludes scanning for the user devices that are within the communicationrange of a Bluetooth low energy component of the digital assistantdevice and that the user devices include a digital wallet application;transmitting, by the digital assistant device to a server computer, alist of the user devices in communication range of the digital assistantdevice and the user device identifiers of the user devices incommunication range of the digital assistant device, wherein the servercomputer queries a database for registered users associated with theuser device identifiers; transmitting, by the digital assistant deviceto the server computer, an authentication request comprising thebiometric template and at least one user device identifier of the userdevice identifiers that are included in the database for the registeredusers associated with the user device identifiers, the authenticationrequest corresponding to the determined task flow; receiving, by thedigital assistant device from the server computer, a cryptogram requestmessage comprising the at least one user device identifier;transmitting, by the digital assistant device to a user devicecorresponding to the at least one user device identifier, the cryptogramrequest message; receiving, by the digital assistant device from theuser device, a cryptogram, the cryptogram previously generated by theserver computer and transmitted to the user device, the cryptogramgenerated based on user device information of the user device; andtransmitting, by the digital assistant device to the server computer,the cryptogram, wherein the server computer verifies the cryptogrambefore further processing of a transaction.
 2. The method of claim 1,wherein the biometric template is an encrypted biometric template. 3.The method of claim 1, wherein after converting the biometric sample tothe biometric template, the method further comprises: determining, bythe digital assistant device, the server computer based on the biometrictemplate.
 4. The method of claim 1, wherein the server computer is aservice provider computer and the server computer: receives thebiometric template and the at least one user device identifier;determines whether or not the at least one user device identifiermatches a stored user device identifier; determines whether or not thebiometric template matches a stored biometric template associated withthe stored user device identifier if the at least one user deviceidentifier matches the stored user device identifier; and transmits thecryptogram request message to the digital assistant device.
 5. Themethod of claim 1 further comprising: notifying, by the digitalassistant device, the user about the transaction.
 6. A digital assistantdevice comprising: a processor; a memory device; and a computer-readablemedium coupled to the processor, the computer-readable medium comprisingcode executable by the processor for implementing a method comprising:receiving a biometric sample from a user, the biometric sample being abiometric voice template associated with a voice command; converting thebiometric sample to a biometric template; determining a task flow andparameters associated with the task flow based at least in part on aspeech recognition algorithm that utilizes the biometric sample from theuser, the task flow designed to accomplish an inferred intent from thebiometric sample and executed by invoking programs, services, andapplication program interfaces (APIs) that corresponds to the inferredintent; scanning for user devices in communication range of the digitalassistant device, thereby receiving user device identifiers, whereinscanning for the user devices includes scanning for the user devicesthat are within the communication range of a Bluetooth low energycomponent of the digital assistant device and that the user devicesinclude a digital wallet application; transmitting, to a servercomputer, a list of the user devices in communication range of thedigital assistant device and the user device identifiers of the userdevices in communication range of the digital assistant device, whereinthe server computer queries a database for registered users associatedwith the user device identifiers; transmitting, to the server computer,an authentication request comprising the biometric template and at leastone user device identifier of the user device identifiers that areincluded in the database for the registered users associated with theuser device identifiers, the authentication request corresponding to thedetermined task flow; receiving, from the server computer, a cryptogramrequest message comprising the at least one user device identifier;transmitting, to a user device corresponding to the at least one userdevice identifier, the cryptogram request message; receiving, from theuser device, a cryptogram, the cryptogram previously generated by theserver computer and transmitted to the user device, the cryptogramgenerated based on user device information of the user device; andtransmitting, to the server computer, the cryptogram, wherein the servercomputer verifies the cryptogram before further processing of atransaction.
 7. The digital assistant device of claim 6, wherein thebiometric template is an encrypted biometric template.
 8. The digitalassistant device of claim 6, wherein after converting the biometricsample to the biometric template, the method further comprises:determining the server computer based on the biometric template.
 9. Thedigital assistant device of claim 6, wherein the server computer is aservice provider computer and the server computer: receives thebiometric template and the at least one user device identifier;determines whether or not the at least one user device identifiermatches a stored user device identifier; determines whether or not thebiometric template matches a stored biometric template associated withthe stored user device identifier if the at least one user deviceidentifier matches the stored user device identifier; and transmits thecryptogram request message to the digital assistant device.
 10. Thedigital assistant device of claim 6, wherein the method furthercomprises: notifying the user about the transaction.
 11. A methodcomprising: receiving, by a server computer from a digital assistantdevice, an authentication request message comprising a biometrictemplate and at least one user device identifier, the authenticationrequest message corresponding to a task flow, the task flow andparameters associated with the task flow determined, by the digitalassistant device, based at least in part on a speech recognitionalgorithm that uses a biometric sample from a user associated with thedigital assistant device, the biometric sample being a biometric voicetemplate associated with a voice command, and the task flow designed toaccomplish an inferred intent from the biometric sample and executed byinvoking programs, services, and application program interfaces (APIs)that corresponds to the inferred intent, wherein the digital assistantdevice scans for user devices in communication range of the digitalassistant device to receive the user device identifier, and whereinscanning for the user devices includes scanning for the user devicesthat are within the communication range of a Bluetooth low energycomponent of the digital assistant device and that the user devicesinclude a digital wallet application; receiving, by the server computerand from the digital assistant device, a list of the user devices incommunication range of the digital assistant device; querying, by theserver computer, a database for registered users associated with theuser device identifiers; comparing, by the server computer, thebiometric template to a stored biometric concurrently with determiningif the biometric template corresponds to an account associated with theat least one user device identifier of the user device identifiers thatare included in the database for the registered users associated withthe user device identifiers; transmitting, by the server computer, acryptogram request message to the digital assistant device; receiving,by the server computer, a cryptogram from the digital assistant device,the cryptogram previously generated by the server computer andtransmitted to the digital assistant device, the cryptogram generatedbased on device information of a user device associated with at leastone user device identifier of the user device identifiers; determining,by the server computer, whether or not the cryptogram matches an issuedcryptogram previously provisioned to the user device associated with theat least one user device identifier; and if the cryptogram matches theissued cryptogram, then further processing a transaction.
 12. The methodof claim 11, wherein further processing a transaction further comprises:transmitting, by the server computer, an authorization request messageto an authorization computer; and receiving, by the server computer, anauthorization response message.
 13. The method of claim 11, wherein theserver computer is a service provider computer.
 14. The method of claim11 further comprising: evaluating, by the server computer, the biometrictemplate to determine whether or not to transmit the cryptogram requestmessage.